Information on source package libsixel

Available versions

ReleaseVersion
jessie1.1.2-1
stretch1.5.2-2+deb9u1
buster1.8.2-1+deb10u1
bullseye1.8.6-2
bookworm1.8.6-2
sid1.8.6-2

Open issues

BugjessiestretchbusterbullseyebookwormsidDescription
CVE-2020-36120vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableBuffer Overflow in the "sixel_encoder_encode_bytes" function of Libsix ...
CVE-2020-21677vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA heap-based buffer overflow in the sixel_encoder_output_without_macro ...
CVE-2020-21548vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedLibsixel 1.8.3 contains a heap-based buffer overflow in the sixel_enco ...
CVE-2020-21547vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedLibsixel 1.8.2 contains a heap-based buffer overflow in the dither_fun ...
CVE-2020-21050vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedLibsixel prior to v1.8.3 contains a stack buffer overflow in the funct ...
CVE-2020-21049vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn invalid read in the stb_image.h component of libsixel prior to v1.8 ...
CVE-2020-21048vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue in the dither.c component of libsixel prior to v1.8.4 allows ...
CVE-2020-19668vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableUnverified indexs into the array lead to out of bound access in the gi ...
CVE-2020-11721vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableload_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitiali ...
CVE-2019-20205vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedlibsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame. ...
CVE-2019-20140vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.4. There is a heap-based buffe ...
CVE-2019-20094vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.4. There is a heap-based buffe ...
CVE-2019-20056vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedstb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...
CVE-2019-20024vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA heap-based buffer overflow was discovered in image_buffer_resize in ...
CVE-2019-20023vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA memory leak was discovered in image_buffer_resize in fromsixel.c in ...
CVE-2019-20022vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn invalid memory address dereference was discovered in load_pnm in fr ...
CVE-2019-19778vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...
CVE-2019-19777vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedstb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...
CVE-2019-19638vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...
CVE-2019-19637vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is an integer overflo ...
CVE-2019-19636vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is an integer overflo ...
CVE-2019-19635vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...
CVE-2019-3574vulnerable (no DSA)fixedfixedfixedfixedfixedIn libsixel v1.8.2, there is a heap-based buffer over-read in the func ...
CVE-2019-3573vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedIn libsixel v1.8.2, there is an infinite loop in the function sixel_de ...
CVE-2018-19761vulnerable (no DSA)fixedfixedfixedfixedfixedThere is an illegal address access at fromsixel.c (function: sixel_dec ...
CVE-2018-19759vulnerable (no DSA)fixedfixedfixedfixedfixedThere is a heap-based buffer over-read at stb_image_write.h (function: ...
CVE-2018-19757vulnerable (no DSA)fixedfixedfixedfixedfixedThere is a NULL pointer dereference at function sixel_helper_set_addit ...
CVE-2018-14073vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedlibsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c ...
CVE-2018-14072vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedlibsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormsidDescription
CVE-2019-11024vulnerablevulnerablevulnerablefixedfixedfixedThe load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has ...

Resolved issues

BugDescription
CVE-2018-19763There is a heap-based buffer over-read at writer.c (function: write_pn ...
CVE-2018-19762There is a heap-based buffer overflow at fromsixel.c (function: image_ ...
CVE-2018-19756There is a heap-based buffer over-read at stb_image.h (function: stbi_ ...

Search for package or bug name: Reporting problems